License of the FSTEC of Russia: KI-0316-015896
GSOC is the monitoring and response center of Gazinformservice.
Behavioral analytics and automated threat detection in the center are implemented on the basis of the company's own ML solutions and products.
lines of restricted access information leaked in 2022-2023.**
57
million
56

rows of personal data have been leaked for 2022-2023.**

%

of all malware attacks in the Russian Federation are carried out using encryptors (ransomware)*

27
%
56

successful attacks led to data leaks in 2023.*

million
Why do I need a SOC?
  • Continuous detection and response to computer attacks 24/7
  • Ensuring the protection of the organization's reputation and assets
  • Compliance with the requirements of legislation and norms in the field of information security
  • An evolutionary and revolutionary approach to company development
Current SOC Services
Security event monitoring and incident analysis
Centralized collection, processing, analysis, and storage of data from sources, automatic identification of potential incidents, their confirmation, and notification of customer services.
Incident response
Performing actions to contain the confirmed incident, reduce negative consequences, evict the attacker from the infrastructure, and restore normal operation.
Incident investigation (forensics)
Analyzing the consequences of a compromise of computer systems, collecting evidence of cybercrimes, reconstructing the chain of the intruders' actions, and checking for backdoors (implants) left in the infrastructure.
GosSOPKA Commercial Center
Transmission of information about incidents in the client's infrastructure to the NCC by agreement or automatically. Interaction with the GosSOPKA center on behalf of the client.
Penetration testing (pentest)
Identification of vulnerabilities and ways to exploit them. Checking the possibility of penetration from external networks into the customer's infrastructure. Development of recommendations to increase the level of security and eliminate identified vulnerabilities.
Search for traces of compromise
Search for traces of intruders and malicious software in the client's infrastructure: collecting information and settings from assets on the network, detailed manual and machine data analysis, and generating an exhaustive report. Full-cycle Compromise Assessment.
24/7 detection of attacks from MITRE ATT&CK
Service Level Agreement
Type of incident | Highly reliable | Typical | Atypical
Identification | 15 minutes | 30 minutes | 120 minutes
Confirmation | 15 minutes | 30 minutes | 120 minutes
GSOC Architecture